<?php

    class UserController extends Controller {
        public $metaDescription = null;
        public $metaKeywords = null;
        public $linkCanoncical = null;
        public $title = null;
        public $layout = 'column_main';

        public function actionLogout(){
            $url = new Url();
            session_unset();
            //$this->redirect($_SERVER["HTTP_REFERER"]);
            $this->redirect($url->createUrl("site/index"));
        }

        public function actionIndex(){
            $url = new Url();
            $this->title = "Trang ca nhan | xem ket qua xo so truc tiep | ket qua ve so truc tuyen";
            $rowUser = array();
            $rowTransaction = array();
            $rowTicket = array();
            $rowDetail = array();
            $arr_ticket = array();
            $arr_province = array();

            //$_SESSION["user"] = array("id"=>4,"username"=>"nvha9589");
            if(isset($_SESSION["user_pm"])){ 
                $id_user = intval($_SESSION["user_pm"]["user_id"]);
                $data = User::getRowById($id_user);                             
                $this->render("index",array("data"=>$data));
            }else{
                $this->redirect($url->createUrl("site/index")); 
            }
        }

        public function actionLogin(){
            $url = new Url();
            if(!isset($_SESSION["user_pm"])){
                $this->render("login",array());
            }else{
                $this->redirect($url->createUrl("site/index"));
            }
        }        

        public function actionRegister(){
            $url = new Url();
            if(!isset($_SESSION["user_xoso"])){
                $this->render("register",array());
            }else{
                echo "<script type='text/javascript'>history.go(-1);</script>";
            }

        }

        public function actionDetail(){
            $url = new Url();
            $user_id = isset($_GET["user_id"])?mysql_escape_string($_GET["user_id"]):0;
            $data_user = User::getRowById($user_id);
            $this->render("detail",array("data_user"=>$data_user));
        }
        
        public function actionChangePass(){
            $url = new Url();
            if(isset($_SESSION["user_pm"])){  
                $id_user = intval($_SESSION["user_pm"]["user_id"]);
                $data = User::getRowById($id_user);                             
                $this->render("change_pass",array("data"=>$data));
            }else{
                $this->redirect($url->createUrl("site/index"));
            }

        }        
        
        public function actionAjaxSubmitLogin(){

            $username = isset($_POST["username"])?mysql_escape_string($_POST["username"]):"";
            $pass = isset($_POST["password"])?mysql_escape_string($_POST["password"]):"";

            $password = User::getMd5($pass);
            $row = User::getRowByUsernameAndPass($username,$password);
            if($row){  
                $rowUser = User::getRowById($row["user_id"]);                 
                $_SESSION["user_pm"]=$rowUser;                
                echo 1;
            }else{
                echo 0;
            }

        }    

        public function actionAjaxSubmitRegister(){            

            $username = isset($_GET["user_username"])?mysql_escape_string($_GET["user_username"]):"";
            $password = isset($_GET["user_password"])?mysql_escape_string($_GET["user_password"]):"";
            $fullname = isset($_GET["user_fullname"])?mysql_escape_string($_GET["user_fullname"]):"";
            $email = isset($_GET["user_mail"])?mysql_escape_string($_GET["user_mail"]):"";            
            $filepath = isset($_GET["filepath"])?mysql_escape_string($_GET["filepath"]):"";            
            $personal_id = isset($_GET["personal_id"])?mysql_escape_string($_GET["personal_id"]):"";                        
            $user_birthday = isset($_GET["user_birthday"])?mysql_escape_string($_GET["user_birthday"]):"";            
            $user_mobile = isset($_GET["user_mobile"])?mysql_escape_string($_GET["user_mobile"]):"";            
            $user_address = isset($_GET["user_address"])?mysql_escape_string($_GET["user_address"]):"";            
            $user_birthday = strtotime(DateUtils::convertDatedb($user_birthday));
            
            $rowUsername = User::getRowByUsername($username);

            if($rowUsername){
                echo -3;exit;
            }

            $password = User::getMd5($password);

            $last_id = User::insertRow($username,$password,$fullname,$email,$user_birthday,$user_mobile,$user_address,$filepath,$personal_id);
            if($last_id !=0){
                $rowUser = User::getRowById($last_id);    
                //$_SESSION["user"] = $rowUser;        
                echo 1;
            }else{
                echo 0;
            }
        }

        public function actionAjaxSubmitUpdate(){            
            $user_id = isset($_GET["user_id"])?mysql_escape_string($_GET["user_id"]):"";
            $fullname = isset($_GET["fullname"])?mysql_escape_string($_GET["fullname"]):"";
            $birthday = isset($_GET["birthday"])?mysql_escape_string($_GET["birthday"]):"";
            $email = isset($_GET["email"])?mysql_escape_string($_GET["email"]):"";                                                        
            $mobile = isset($_GET["mobile"])?mysql_escape_string($_GET["mobile"]):"";                                                        
            $address = isset($_GET["address"])?mysql_escape_string($_GET["address"]):"";                                                        
            $personal_id = isset($_GET["personal_id"])?mysql_escape_string($_GET["personal_id"]):"";                                                        
            $image = isset($_GET["image"])?mysql_escape_string($_GET["image"]):"";                                                        
            $array_input['fullname'] = $fullname;
            $array_input['birthday'] = strtotime(DateUtils::convertDatedb($birthday));
            $array_input['email'] = $email;
            $array_input['mobile'] = $mobile;
            $array_input['address'] = $address;
            $array_input['image'] = $image;
            $array_input['personal_id'] = $personal_id;
            $last_id = User::updateObject($array_input,"user_id",$user_id);
            if($last_id !=0){            
                echo 1;
            }else{
                echo 0;
            }
        }
        
        public function actionAjaxSubmitChangePass(){            
            $user_id = isset($_GET["user_id"])?mysql_escape_string($_GET["user_id"]):"";
            $password = isset($_GET["password"])?mysql_escape_string($_GET["password"]):"";
            $new_password = isset($_GET["new_password"])?mysql_escape_string($_GET["new_password"]):"";            
                        
            $row = User::getRowById($user_id);

            $password = User::getMd5($password);                        
            
            if($password != $row['password']){
                echo -3;exit;
            }            
                        
            $array_input['password'] = User::getMd5($new_password);            
            $last_id = User::updateObject($array_input,"user_id",$user_id);
            
            if($last_id !=0){            
                echo 1;
            }else{
                echo 0;
            }
        }

        public function actionAjaxDelete(){            
            $user_id = isset($_GET["user_id"])?mysql_escape_string($_GET["user_id"]):"";            
            $array_input['user_id'] = $user_id;
            $last_id = User::deleteObject($array_input);
            if($last_id !=0){            
                echo 1;
            }else{
                echo 0;
            }
        }                        

    }

?>
